Im sorry if this topic is duplicated, I was not able to find anything similar to this problem.
Our docker clients v17.X + (Docker for Mac & Docker for Linux) are unable to push images under a SSL V2 Registry but are successfully authenticated for pushes under an Insecure V2 Registry (CNAME) that serves the same machine. The output is always the same: unauthorized even if I docker login correctly.
The weird thing is: for our old docker clients (v1.6) we are able to login and push Docker images to a secure v2 Docker registry without any problem using the credentials file stored at ~/.dockercfg. My Nginx appears to be working just fine. Any ideas about what I'm missing here?
_
Im attaching both credentials configuration files, if anyone wants to check:
Docker client: v.17
~/.docker/config.json
{
"auths" : {
"https://secure-docker-registry.intranet": {
"auth": "someAuth",
"email": "somemail#gmail.com"
}
},
"credsStore" : "osxkeychain"
}
Obs: In Docker for Mac's case I tried with 'credsStore' and without it
Obs2: Even allowing anonymous to push images, I'm still getting an unauthorized for this registry.
Obs3: Logs are not very clean about this problem
Obs4: Artifactory is configured using a LDAP Group
Docker client: v.1.6.2
~/.dockercfg
{
"secure-docker-registry.intranet": {
"auth": "someAuth",
"email": "somemail#gmail.com"
},
"insecure-docker-registry.intranet": {
"auth": "someAuth",
"email": "somemail#gmail.com"
}
}
Artifactory Pro's version: 5.4.2
Related
I'm setting up a Strapi install in my Apache cPanel (WHM on CentOS 7), and can't find a proper way to deploy it. I've managed to get it running, but when I try to access the dashboard (/admin), it just shows the index page (the one in public/index).
Is this the proper way to deploy Strapi to an Apache server?
Is the "--quickstart" setting only for testing purposes, or can this be used in Production? If so, what are the pre-deployment steps I need to take?
This is for a simple project that requires easy to edit content that will be grabbed via API manually from another cPanel installation.
Reading through the Strapi docs, I could only find deployment information about Heroku, Netlify and other third-party services such as these, nothing on hosting it yourself on Apache/cPanel.
I've tried setting up a "--quickstart" project locally, getting it working and then deploying via Bitbucket Pipelines. After that, just going into the cPanel terminal and starting it - though the aforementioned problem occurs, can't access admin dashboard.
Here's my server.json configuration:
Production
{
"host": "api.example.com",
"port": 1337,
"production": true,
"proxy": {
"enabled": false
},
"cron": {
"enabled": false
},
"admin": {
"autoOpen": false
}
}
Development
{
"host": "localhost",
"port": 1337,
"proxy": {
"enabled": false
},
"cron": {
"enabled": false
},
"admin": {
"autoOpen": false
}
}
There are no console errors, nor 404s when trying to access it.
Edit
Regarding deployment with the --quickstart setting:
there are many features (mainly related to searching) that don't work properly with SQLite (lack of proper index support) Not to mention the possible slowness due to disk speed and raw IOPS of the disk.
A suggestion on how to implement:
Respectfully, to deploy strapi you likely need to:
1. build a docker container for it
2. make a script to deploy it
3. use SSH and do it manually
4. use a CI/CD platform and scripted to deploy it
In summary:
Strapi is not your typical "copy the files and start apache" it's not a flat file system, Strapi itself is designed to be run as a service similar to Apache/Nginx/MySQL ect. They are all services (Strapi does need Apache/Nginx/Traefik to do ssl for it though via proxying)
If you have the index page when you visit /admin it's because the admin is not built.
Please run yarn build before starting your application.
I'm trying to implement the Local Passport Strategy for Hyperledger Composer Rest Server.
To achieve this, I did the following:
First, I installed passport-local by running the following command:
npm install -g passport-local
In my home folder I created a file called "envvars.txt" with the following content:
COMPOSER_PROVIDERS='{
"local": {
"provider": "local",
"module": "passport-local",
"usernameField": "username",
"passwordField": "password",
"authPath": "/auth/local",
"callbackURL":"/auth/local/callback",
"successRedirect": "/",
"failureRedirect": "/",
"setAccessToken": true,
"callbackHTTPMethod": "post"
}
}'
Then, in oder to set the environment variable COMPOSER_PROVIDERS, I ran the following command:
source envvars.txt
After that I started the composer-rest-server using the following specifications:
When I went to localhost:3000/explorer, http-requests were blocked (as expected) because I was not authenticated.
So far so good.
But when I tried to go to address localhost:3000/auth/local (in order to authenticate), this was not possible ... the web browser gave me an error message, the beginning of which was as follows:
{"error":{"statusCode":404,"name":"Error","message":"Cannot GET /auth/local","status":404,"stack":"Error: Cannot GET /auth/local\n at raiseUrlNotFoundError
What went wrong here?
Any help would be much appreciated.
I think your problem is that you are not persisting the data. In the envvars.txt you need to specify where to persist the data because right now there's no database to store the user and password.
Like explained in the official docs you need to persist your data in MongoDB for example.
What version of ejabberd are you using?
17.04
What operating system (version) are you using?
ubuntu 16.04
How did you install ejabberd (source, package, distribution)?
package
What did not work as expected? Are there error messages in the log? What
was the unexpected behavior? What was the expected result?
I used postman to make a HTTP request to ejabberd register api. The ejabberd is set up and the admin is running properly at the url - http://localhost:5280/admin.
The Url of http request is - http://localhost:5280/api/register
Body - {
"user": "bob",
"host": "example.com",
"password": "SomEPass44"
}
Header - [{"key":"Content-Type","value":"application/json","description":""}]
Response - {
"status": "error",
"code": 32,
"message": "AccessRules: Account does not have the right to perform the operation."
}
I searched a lot to and figured out that it will require some changes in ejabberd.yml file. My yml file is available on the link attached.
THIS LINK CONTAINS YML FILE
ANY HELP WILL GREAT.
In config file /opt/ejabberd/conf/ejabberd.yml
Find api_permissions
Change values of public commands who and what. Compare your code with mentioned below.
see this post:
http://www.centerofcode.com/configure-ejabberd-api-permissions-solve-account-not-right-perform-operation-issue/
I have created a user provided service for redis as below
cf cups p-redis -p "{\"host\":\"xx.xx.xxx.xxx\",\"password\":\"xxxxxxxx\",\"port\":6379}"
This not getting picked automcatically by the redis auto reconfiguration or the service connectors and getting jedis connection pool exception.
When I bind to the redis service created from the market place it works fine with the spring boot application. This confirms there is no issue with the code or configuration. I wanted a custom service for the redis to work with the spring boot app. How can i create such service? What am i missing here? Is this possible?
System-Provided:
{
"VCAP_SERVICES": {
"user-provided": [
{
"credentials": {
"host": "xx.xx.xxx.xxx",
"password": "xxxxxxxx",
"port": 6379
},
"label": "user-provided",
"name": "p-redis",
"syslog_drain_url": "",
"tags": []
}
]
}
}
I could extend the abstract cloud connector and create redis factory myself but i want to make it work out of the box with custom service and auto configuration.
All routes to mapping this service automatically lead to the spring-cloud-connectors project. If you look at the implementation, services must be either tagged with redis or expose a uri with a redis scheme from credential keys based on a permutation of uri.
If you'd like additional detection behavior, I'd recommend opening an issue in the GitHub repo.
What worked for me:
cf cups redis -p '{"uri":"redis://:PASSWORD#HOSTNAME:PORT"}' -t "redis"
Thanks to earlier answers that led me to this solution.
We are working in a mobilefirst 6.3 project, and our .war is installed in a liberty profile server.
We didn't configure the TTL on the analytics before. is there any way (tool, rest service or file-system) that I can remove the analytics logs in mobilefirst.
MobileFirst Platform Foundation Analytics uses ElasticSearch and Lucene at its core - there is nothing special to be done from a MobileFirst perspective.
If you want to remove everything, the whole Analytics store:
Stop the Analytics server
Delete the "analyticsData" folder which is under servers/<server-name>/ in the Liberty installation
Restart the server
Otherwise, using either CURL or Postman you can invoke the DELETE query.
You can find the ElasticSearch API here: https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-delete-by-query.html
Some additional questions about this topic in Stack Overflow:
Removing Data From ElasticSearch
Delete all documents from index/type without deleting type
http://www.tekkie.ro/quick-n-dirty/howto-quickly-erase-all-documents-from-an-elasticsearch-index/
Example steps:
Open the ES port - MobileFirst uses port 9500,
In the Analytics server set the JNDI property http.enabled=true and restart the Analytics server (if it's a cluster, you still only need to open the port on one of the cluster members)
The default "index" to use in your query is "worklight", and the mappings are documented in the user documentation, and are shown on the admin tab in the Analytics console
The endpoint for your delete query would need to be the Analytics server
Postman example query:
DELETE
http://your-analytics-server:9500/worklight/network_transactions/_query
{
"query": {
"range": {
"worklight_data.timestamp": {
"to": 1432313605000
}
}
}
}
CURL example query:
curl -X DELETE 'http://server:9500/worklight/network_transactions/_query' (http://server:9500/worklight/network_transactions/_query%27) -d '{ "query" : { "range" : { "timestamp" : { "lte" : "1432222333424" } } } }'